CVE-2002-0267

CVE-2002-0267 affects Simple Internet Publishing System (SIPS) prior to 0.3.1. A line break in the theme field followed by the Status::admin command allows remote attackers to gain administrative privileges by causing the Status line to be written into the password file. The connected sources con...

SIPS (PHP)

Product : SIPS Version : v0.2.2 WebSite : http://www.squishdot.org Problem : Viewing users account Description: ------------ You could easily look throught any user's account without any permissions. Each of them is in dir names after first letter of his login. For example foo will have url like...

CVE-2002-2218

CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nilsen simple, integrated publishing system SIPS before 20020209 has unknown impact, possibly gaining privileges or modifying critical configuration, via a CRLF sequence in a key value...

SIPS - vulnerable to anyone gaining admin access.

!/exploit/by/b0iler sips - http://sourceforge.net/projects/sips/ versions lower than 0.3.1 Taken from freshmeat: "About: SIPS is an integrated Weblog and link-indexing system written in PHP. It is aimed at those with access to databaseless, PHP-enabled Web servers who want to run a Weblog site li...